faceperfect.co

Privacy Policy

Last updated: 2026-04-22

1. Introduction

faceperfect.co (“we,” “our,” or “us”) is operated by VESTIGE SA, Rue de la Grotte 6, c/o DYN SA, 1003 Lausanne, Switzerland, as data controller. We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website and AI-assisted personal color analysis service (uploading a photo to receive structured color notes and an optional generated infographic).

For GDPR-specific rights and legal bases, see our GDPR information. For cookies and similar technologies, see our Cookie Policy.

2. Information we collect

2.1 Personal information

  • Account and contact — email address, locale, and optional country you provide; password hash we store so you can sign in.
  • Optional profile fields — for example first name when you choose to provide it for personalization.
  • Payment-related metadata — subscription status, Stripe customer and subscription identifiers, and billing consent text shown at checkout. Card numbers are collected and processed only by Stripe; we do not receive your full card number.

2.2 Content you provide for the service

  • Photo — the face image you upload so we can run AI analysis and build your color palette report.
  • Onboarding answers — such as birth year range, country, and preferences you submit in the onboarding flow (stored with your account or draft session as applicable).
  • Generated outputs — the structured analysis and optional infographic image we create and store so you can view them in your account.

We do not operate a collaborative family tree product, do not ask you to build a pedigree in the product, and do not collect DNA or genetic test data.

2.3 Usage and technical information

  • Device and browser — general technical data typical of web requests (for example user agent) as received by our hosting provider.
  • IP address and approximate location — processed by infrastructure and payment partners for security, fraud prevention, and compliance; we do not use your IP to build a fine-grained marketing profile.
  • Product usage — events necessary to run the service (for example authentication, checkout, and report generation). Where we use aggregated or de-identified analytics, we describe that in updates to this policy.

3. How we use your information

We use personal data for purposes including:

  • creating and securing your account;
  • generating and displaying your AI-assisted color palette report and optional infographic from your photo and onboarding inputs;
  • processing payments and subscriptions, including via Stripe and the Stripe Customer Portal;
  • sending service-related emails (for example receipts, password reset, and critical notices);
  • improving reliability, performance, and security of the platform;
  • detecting abuse, fraud, or violations of our terms; and
  • complying with legal obligations and responding to lawful requests.

Legal bases under GDPR (where applicable) include contract, legitimate interests, consent (where we ask for it separately), and legal obligation. See the GDPR information page for more detail.

4. Information sharing and disclosure

4.1 No sale of personal data

We do not sell your personal information. faceperfect.co is not a social network: we do not publish your photo or report publicly for other users to browse.

4.2 Service providers (processors)

We share data with vetted providers who process it on our instructions and for the purposes above, including:

  • Google (Gemini) — to analyze your photo and generate report text or images (processing may occur in the EU and/or US).
  • Neon — hosted database for application data (EU / US regions as configured).
  • Stripe — payment processing, billing portal, and related fraud and compliance tooling.
  • Vercel — hosting and delivery of the web application.

Each provider has its own privacy notice for how it handles data in its systems; we choose configurations and agreements intended to respect EU/UK/Swiss data protection expectations.

4.3 Legal requirements

We may disclose information if required by law, court order, or governmental request, or if we reasonably believe disclosure is necessary to protect the rights, property, or safety of our users, VESTIGE SA, or the public, in line with applicable law.

5. Data security

We implement technical and organizational measures appropriate to the risk, including encryption in transit (HTTPS), access controls, separation of production environments, and reliance on reputable infrastructure vendors. No method of transmission or storage is completely secure; we work to reduce risk and to respond promptly if issues arise.

6. Your privacy rights

Depending on your location, you may have rights such as:

  • Access — request a copy of the personal data we hold about you;
  • Correction — request correction of inaccurate data;
  • Deletion — request erasure subject to legal retention exceptions;
  • Portability — receive certain data in a structured, machine-readable format where the law requires;
  • Objection / restriction — object to or ask us to limit certain processing where the law allows.

To exercise these rights, contact hello@faceperfect.co or write to VESTIGE SA at the postal address in Section 11. For step-by-step GDPR information, see GDPR information.

7. International data transfers

Your information may be processed in Switzerland, the EEA, the United Kingdom, the United States, or other countries where our providers operate. Where personal data is transferred from the EEA, UK, or Switzerland to countries not covered by an adequacy decision, we use safeguards recognized under applicable law (such as standard contractual clauses and supplementary measures where appropriate).

8. Data retention

We retain information only as long as needed for the purposes in this policy, including:

  • Account data — for the life of your account unless you ask us to close it and applicable law allows deletion.
  • Photos — while your account is active and deleted when you request erasure, subject to backup rotation.
  • Reports and generated images — for the duration of your subscription plus a short grace period (currently 30 days) unless we state otherwise on the site.
  • Billing records — Stripe retains payment records under its policies; we retain subscription and invoice metadata for accounting, tax, and dispute resolution for as long as required by law (often several years).

9. Children’s privacy

The service is not directed at individuals under 16. We do not knowingly collect personal information from anyone under 16. If you believe we have collected data from a child without appropriate authority, contact us and we will take steps to delete it where the law permits.

10. Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes to our practices, features, or legal requirements. We will post the revised policy on this page and update the “Last updated” date. Where changes are material and the law requires, we will provide additional notice (for example by email to the address on your account).

11. Contact us

Questions about this Privacy Policy or our data practices:
Email: hello@faceperfect.co

Postal address
VESTIGE SA
Rue de la Grotte 6, c/o DYN SA
1003 Lausanne
Switzerland